New OPNsense Release

Hi all,

We are dropping in for a quick update bundling assorted fixes and general improvements in all areas. Not much to add this week, see for yourselves…

Don’t forget that ASLR is coming next week. ­čÖé

Here are the full patch notes for 16.1.15:

  • system: make authentication fallback configurable
  • system: settings cleanup and prettify
  • system: added explicit ETC timezone selection
  • high availability: add page for remote service control
  • high availability: properly enforce authentication
  • firmware: reboot and poweroff API actions
  • firmware: only kill GUI process, not captive portal
  • firmware: show errors in update window
  • firmware: keep polling for progress even when GUI restarts
  • backend: skip failing templates on bootup
  • trust: fix CA certificate count in overview
  • trust: allow key size up to 8192 bits
  • firewall: fix invalid NPT rule generation
  • firewall: speed up filter log pages
  • firewall: do not allow to change virtual IP mode after creation
  • firewall: moved settings page and rearranged settings accordingly
  • interfaces: unhook all but the last custom PHP module functions
  • interfaces: moved settings page and rearranged settings accordingly
  • dhcp: do not override RA settings after save
  • dns: resolver outgoing interface section moved to advanced as it will break setups with dynamic interfaces selected there
  • load balancer: sticky mode from firewall / system split off as separate setting
  • snmp: do not allow unicode in system location
  • intrusion detection: remove deprecated rbn-malvertisers.rules set
  • intrusion detection: add promiscuous mode / physical interface selection
  • overall: fix menu width on small size screens
  • overall: numerous translation fixes (contributed by Frederic Lietart)
  • overall: numerous translation fixes (contributed by Fabian Franz)
  • plugins: assorted bugfixes for HAProxy (contributed by Frank Wall)
  • mvc: fix translations by adding an escaping wrapper

And here are the patch notes for 16.7 BETA:

  • system: reworked the user / group manager privilege selection
  • firewall: IPv6 outbound NAT rework
  • interfaces: allow debug mode for DHCPv6 client
  • interfaces: remove ath(4) long distance helpers
  • dns: add custom port option for domain overrides
  • gateways/routes: fix for far gateway setups
  • overall: add stacked-to-horizontal feature for input forms

Stay safe,
Your OPNsense team